Protect Your Digital Privacy – Take Control Today

Privacy Policy

Privacy Policy

Last Updated: February 2026

1. Introduction

Footprint Gone (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at https://footprintgone.com and use our data removal services.

Footprint Gone is a data removal service registered in England and Wales [Company Registration Number: TO BE COMPLETED]. Our registered address is [Registered Address: TO BE COMPLETED].

This Privacy Policy complies with the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018, the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

We collect information about you in various ways, including information you provide directly and information we collect automatically.

2.1 Information You Provide Directly

  • Account Registration: When you create an account, we collect your name, email address, phone number, postal address, and password.
  • Payment Information: When you purchase our Services, we collect payment information including billing address and the last four digits of your payment card. Payment card details are processed securely by our payment processors (Stripe and PayPal) and are not stored on our servers.
  • Data Removal Requests: To provide our core Services, we collect personal information that you request us to remove from third-party sites. This may include your full name, addresses (current and previous), email addresses, phone numbers, and other personal identifiers you specify.
  • Communications: When you contact us via email, contact forms, or customer support, we collect the contents of your messages, attachments, and your contact information.
  • Identity Verification: To comply with our legal obligations and prevent misuse, we may request identity verification documents.

2.2 Information Collected Automatically

  • Device Information: We collect information about your device, including IP address, browser type, operating system, and device identifiers.
  • Usage Information: We collect information about your interactions with our website and Services, including pages visited, links clicked, features used, and the date and time of your activities.
  • Cookies and Similar Technologies: We use cookies, web beacons, pixels, and similar tracking technologies. Please see our Cookie Policy for more information.
  • Location Information: We may collect approximate location information based on IP address (not precise GPS location).

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our data removal Services, including scanning your personal information across data brokers and third-party sites, and submitting removal requests on your behalf.
  • Account Management: To create and maintain your account, process your transactions, and send transactional communications (order confirmations, password resets, account updates).
  • Legal Compliance: To comply with applicable laws, regulations, and legal obligations, including anti-money laundering and fraud prevention requirements.
  • Fraud Prevention: To detect, investigate, and prevent fraudulent transactions and misuse of our Services.
  • Communication: To respond to your inquiries, provide customer support, and send administrative information.
  • Marketing: To send you marketing communications (where you have consented), including information about new features, services, and special offers. You can opt out of marketing communications at any time.
  • Analytics and Improvements: To analyze usage patterns, understand customer needs, and improve our website and Services.
  • Third-Party Requests: To respond to valid legal requests from law enforcement or judicial authorities.

4. Legal Basis for Processing

Under the GDPR and Data Protection Act 2018, we process your personal data on the following legal bases:

  • Consent: Where you have explicitly consented to the processing (e.g., marketing communications).
  • Contract Performance: Where processing is necessary to perform our contract with you, including providing data removal Services and processing payments.
  • Legitimate Interests: Where we have a legitimate interest in processing your data that is not overridden by your rights and interests, including fraud prevention, customer service, analytics, and website security.
  • Legal Obligation: Where processing is necessary to comply with applicable laws and regulations.
  • Vital Interests: Where processing is necessary to protect vital interests (health or safety).

5. Who We Share Your Information With

We may share your personal information with third parties in the following circumstances:

5.1 Data Brokers and Third-Party Sites

To provide our core Services, we submit removal requests to data brokers, people-search websites, search engines, and other third-party sites on your behalf. These sites may process your personal information according to their own privacy policies. We only share information necessary for the removal request.

5.2 Service Providers

We share information with trusted third-party service providers who assist us in operating our website and providing Services, including:

  • Hosting Provider: GoDaddy (website hosting and security)
  • Payment Processors: Stripe and PayPal (payment processing). These providers are certified under the Payment Card Industry Data Security Standard (PCI DSS).
  • Email Service Providers: For sending transactional and marketing communications
  • Analytics Providers: Google Analytics (if used) for understanding website usage
  • Customer Support Tools: Help desk and ticketing systems

5.3 Legal Requirements and Authorities

We may disclose your information when required by law or when we believe in good faith that disclosure is necessary to:

  • Comply with applicable laws, regulations, or valid legal processes (court orders, subpoenas, warrants)
  • Enforce our Terms of Service and other agreements
  • Protect the rights, privacy, safety, or property of Footprint Gone, our users, or the public
  • Detect and prevent fraud, security issues, or technical problems

5.4 Business Transfers

If Footprint Gone is involved in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different Privacy Policy.

5.5 Aggregated and De-Identified Information

We may share aggregated and de-identified information (information that cannot reasonably be used to identify you) with third parties for marketing, advertising, analytics, research, and other purposes without restriction.

6. Data Retention

We retain your personal information for different periods depending on the type of information and the purpose of processing:

  • Account Data: We retain your account information (name, email, address, payment information) for as long as your account is active, plus 30 days after account closure or deletion.
  • Scan Results: Scan results and reports showing your personal information found on third-party sites are retained for 90 days from the date of the scan.
  • Removal Records: Records of removal requests submitted to third-party sites are retained for 12 months to verify completion of Services.
  • Payment Records: Payment transaction records are retained for 6 years to comply with UK tax and accounting requirements.
  • Communications: Customer communications are retained for as long as necessary to resolve issues, plus 2 years for record-keeping purposes.
  • Cookies: Session cookies expire when you close your browser; persistent cookies are retained for up to 1 year (unless configured otherwise).
  • Marketing Consent Records: Records of your marketing preferences are retained until you withdraw consent or request deletion.

We will delete or anonymize your information once the retention period has expired, unless we are required to retain it by law.

7. Your Rights

Under the GDPR, Data Protection Act 2018, and CCPA, you have the following rights:

7.1 Right of Access

You have the right to request a copy of all personal information we hold about you. We will provide this information in a structured, commonly used, and machine-readable format within 30 days of your request.

7.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

7.3 Right to Erasure (“Right to be Forgotten”)

You have the right to request deletion of your personal information in certain circumstances, including:

  • The information is no longer necessary for the purposes for which it was collected
  • You withdraw your consent to processing
  • You object to processing and there is no overriding legitimate interest
  • The information was unlawfully processed

We may retain information where necessary to comply with legal obligations or establish, exercise, or defend legal claims.

7.4 Right to Restrict Processing

You have the right to request that we limit our use of your personal information while we verify its accuracy, consider your objection, or determine whether we have a legitimate interest in processing.

7.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another organization without hindrance. This right applies where processing is based on consent or contract and is carried out by automated means.

7.6 Right to Object

You have the right to object to processing of your personal information, including for direct marketing purposes. We will cease processing for marketing purposes upon receipt of your objection.

7.7 Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

7.8 Rights Related to Automated Decision-Making

You have rights relating to automated decision-making and profiling. We do not carry out automated decision-making that has legal or similarly significant effects.

7.9 California Consumer Privacy Rights

If you are a California resident, you have the following rights under the CCPA:

  • Right to know what personal information is collected, used, shared, and sold
  • Right to delete personal information collected from you (with certain exceptions)
  • Right to opt-out of the sale or sharing of your personal information
  • Right to correct inaccurate personal information
  • Right to limit our use and disclosure of sensitive personal information
  • Right not to receive discriminatory treatment for exercising your rights

To exercise your California rights, please contact us at privacy@footprintgone.com with “CCPA Request” in the subject line. We will verify your identity and respond within 45 days.

7.10 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@footprintgone.com with details of your request. We will verify your identity (to prevent unauthorized access to your information) and respond within 30 days. If your request is complex, we may extend this period by an additional 60 days, and we will notify you of the extension.

8. International Data Transfers

Footprint Gone is based in the United Kingdom and operates globally. Your personal information may be transferred to, stored in, and processed in countries other than your country of residence, including countries that may not have the same level of data protection as the UK.

When we transfer data internationally (outside the UK/EEA), we implement safeguards including:

  • Standard Contractual Clauses: We use the European Commission’s Standard Contractual Clauses (SCCs) for transfers outside the UK/EEA.
  • Adequacy Decisions: We rely on the UK and EU adequacy decisions recognizing equivalent data protection in certain jurisdictions.
  • Your Consent: Where appropriate, we obtain your explicit consent for transfers to countries without adequate protection.

By using our Services, you consent to the transfer of your information to countries outside the UK/EEA as described in this Privacy Policy.

9. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Regular security audits and penetration testing
  • Access controls limiting employee access to personal data
  • Secure password policies and multi-factor authentication options
  • Regular staff training on data protection and security
  • Incident response procedures for data breaches

However, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of your information, and transmission is at your own risk.

10. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

  • Notify you without undue delay and no later than 72 hours after becoming aware of the breach
  • Report the breach to the Information Commissioner’s Office (ICO) unless the breach is unlikely to result in risk to your rights
  • Provide you with information about the nature of the breach, the data affected, and recommended protective measures

11. Cookie Policy

We use cookies and similar technologies on our website. Please see our separate Cookie Policy for detailed information about the cookies we use, why we use them, and how to manage your cookie preferences.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites before providing your personal information or using their services.

13. Children’s Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will delete such information promptly. If you believe we have collected information from a child under 18, please contact us immediately at privacy@footprintgone.com.

14. California “Shine the Light” Disclosure

California residents have the right to request disclosure of information about third parties with whom we have shared personal information for their direct marketing purposes. To make such a request, please contact us at privacy@footprintgone.com with “California Privacy Request” in the subject line.

15. Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or have privacy-related concerns, please contact us:

  • Email: privacy@footprintgone.com
  • Mailing Address: Footprint Gone, [Registered Address: TO BE COMPLETED], England and Wales

16. Information Commissioner’s Office (ICO)

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK if you believe we have violated your data protection rights. You can contact the ICO at:

  • Website: www.ico.org.uk
  • Email: casework@ico.org.uk
  • Phone: 0303 123 1113
  • Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

If you are a resident of the EU, you may also lodge a complaint with your local data protection authority.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the revised Privacy Policy on our website and updating the “Last Updated” date. Your continued use of our Services following the posting of revised Privacy Policy means that you accept and agree to the changes. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

18. Data Protection Officer

While Footprint Gone is not required to appoint a dedicated Data Protection Officer under GDPR regulations, all data protection matters and privacy concerns are handled by our Privacy Team. Please direct all privacy-related inquiries to privacy@footprintgone.com.

Disclaimer: This Privacy Policy is intended to provide general guidance and should be reviewed by a qualified solicitor or data protection professional to ensure full compliance with all applicable data protection laws in your jurisdiction. Footprint Gone makes no representations or warranties regarding the completeness or accuracy of this policy.

Scroll to Top